Add change password feature

packages/backend/src/app.ts

@@ -158,6 +158,45 @@ const app = new Elysia()
 				.execute();
 		})
 
+		.post("/change-password", async ({ db, body: { username, currentPassword, newPassword }, set }) => {
+
+			const user = await db
+				.selectFrom("User")
+				.selectAll()
+				.where("username", "=", username)
+				.executeTakeFirst();
+
+			if (user === undefined) {
+				return error("Unauthorized", "Invalid username or password");
+			}
+
+			const valid = await Bun.password.verify(currentPassword, user.password);
+			if (!valid) {
+				return error("Unauthorized", "Invalid username or password");
+			}
+
+			const password = await Bun.password.hash(newPassword);
+
+			const res = await db
+				.updateTable("User")
+				.set({ password })
+				.where("username", "=", username)
+				.returningAll()
+				.execute();
+
+			if (res.length === 0) {
+				return error("Unauthorized", "Invalid username or password");
+			}
+
+			set.status = "No Content";
+		}, {
+			body: t.Object({
+				username: t.String({ minLength: 1 }),
+				currentPassword: t.String({ minLength: 1 }),
+				newPassword: t.String({ minLength: 1 }),
+			}),
+		})
+
 		// --- MARK: USER MANAGEMENT -------------------------------------------
 
 		.get("/user/:userId", async ({ db, params: { userId }, user }) => {